Posted by & filed under General, Security, Windows / Server.

Not all companies have programs or licences for content filtering on their networks. It is arguably worth the $10-$60 per employee/year to licence a content filtering package in terms of increased productivity. What is difficult is selling the idea of spending a large chunk of money to management, especially in this economy. I would imagine a large number of companies can pinpoint their bandwidth and productivity problems to 10 or fewer websites. Facebook, Myspace, Youtube, etc…

Below is a logon script for Windows that will analyze the user’s hosts file and modify it accordingly to block Facebook or any other website you wish. It simply redirects to 127.0.0.1 (home).

Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objShell = CreateObject("WScript.Shell")
Const ForReading = 1
Const ForWriting = 2
Const ForAppending = 8
hostsFile = objShell.ExpandEnvironmentStrings("%SystemRoot%") & "\system32\drivers\etc\hosts"
strIP = "127.0.0.1"
strValue = "facebook.com"
 
If objFSO.FileExists(hostsFile) Then
 Set objTextFile = objFSO.OpenTextFile(hostsFile, ForReading)
Else
 Set myFile = objFSO.CreateTextFile(hostsFile, True)
 myFile.WriteLine "127.0.0.1       localhost"
 myFile.WriteLine strIP & " " & strValue
 Wscript.Quit
End If
 
strFlag = 0
Do Until objTextFile.AtEndOfStream
 strLine = Trim(objTextFile.ReadLine)
 If InStr(strLine, strIP) > 0 Then
  If InStr(strLine, strValue) > 0 Then
   strFlag = "1"
  End If
 End If
Loop
objTextFile.Close
 
If strFlag = 0 Then
 Set objTextFile = objFSO.OpenTextFile(hostsFile, ForAppending)
 objTextFile.WriteLine vbCrLf & strIP & " " & strValue
End If

Another alternative is to block the IP address of the website using rules on your gateway firewall (Windows or router). The problem with this method is many of the larger sites have multiple IP addresses and adding block lines for each is tedious work. You can block entire ranges of IP addresses. Example: Adding 69.63.0.0/16 would block 69.63.0.0 – 69.63.255.255 (65,536 total addresses – 16bit block). Be careful though, some “good” websites may be in the ranges you block, but in a pinch, it does the job.

Finally, Untangle is an open source gateway that can be run on Windows or on its own dedicated server. It includes content filtering in addition to a multitude of other features. Try it out.

(4.25 out of 5)

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>